/*     */ package xin.petstore.framework.cas;
/*     */ 
/*     */ import com.eloancn.framework.cas.session.redis.RedisSessionDAO;
/*     */ import java.io.IOException;
/*     */ import java.io.Serializable;
/*     */ import java.util.zip.Inflater;
/*     */ import javax.servlet.ServletRequest;
/*     */ import javax.servlet.ServletResponse;
/*     */ import javax.servlet.http.HttpServletRequest;
/*     */ import org.apache.commons.codec.binary.Base64;
/*     */ import org.apache.commons.lang3.StringUtils;
/*     */ import org.apache.shiro.authc.AuthenticationException;
/*     */ import org.apache.shiro.authc.AuthenticationToken;
/*     */ import org.apache.shiro.cache.Cache;
/*     */ import org.apache.shiro.cache.CacheManager;
/*     */ import org.apache.shiro.cas.CasToken;
/*     */ import org.apache.shiro.session.Session;
/*     */ import org.apache.shiro.session.mgt.SimpleSession;
/*     */ import org.apache.shiro.subject.Subject;
/*     */ import org.apache.shiro.subject.support.DelegatingSubject;
/*     */ import org.apache.shiro.web.filter.authc.AuthenticatingFilter;
/*     */ import org.apache.shiro.web.util.WebUtils;
/*     */ import org.jasig.cas.client.util.CommonUtils;
/*     */ import org.jasig.cas.client.util.XmlUtils;
/*     */ import org.slf4j.Logger;
/*     */ import org.slf4j.LoggerFactory;
/*     */ 
/*     */ public class CasFilter extends AuthenticatingFilter
/*     */ {
/*  68 */   private static Logger logger = LoggerFactory.getLogger(CasFilter.class);
/*     */   private static final String TICKET_PARAMETER = "ticket";
/*     */   private static final String TICKET_LOGOUT = "logout";
/*     */   public static final String TICKET_SESSION = "SERSSIONID";
/*     */   private CacheManager cacheManager;
/*     */   private RedisSessionDAO redisSessionDAO;
/*     */   private String failureUrl;
/*     */ 
/*     */   protected AuthenticationToken createToken(ServletRequest request, ServletResponse response)
/*     */     throws Exception
/*     */   {
/* 101 */     HttpServletRequest httpRequest = (HttpServletRequest)request;
/* 102 */     String ticket = httpRequest.getParameter("ticket");
/* 103 */     return new CasToken(ticket);
/*     */   }
/*     */ 
/*     */   private String uncompressLogoutMessage(String originalMessage)
/*     */   {
/* 112 */     byte[] binaryMessage = Base64.decodeBase64(originalMessage);
/*     */ 
/* 114 */     Inflater decompresser = null;
/*     */     try
/*     */     {
/* 117 */       decompresser = new Inflater();
/* 118 */       decompresser.setInput(binaryMessage);
/* 119 */       byte[] result = new byte[binaryMessage.length * 10];
/*     */ 
/* 121 */       int resultLength = decompresser.inflate(result);
/*     */ 
/* 124 */       String str = new String(result, 0, resultLength, "UTF-8");
/*     */       return str;
/*     */     } catch (Exception e) {
/* 126 */       logger.error("Unable to decompress logout message", e);
/* 127 */       throw new RuntimeException(e);
/*     */     } finally {
/* 129 */       if (decompresser != null)
/* 130 */         decompresser.end();
/*     */     }
/* 132 */     throw localObject;
/*     */   }
/*     */ 
/*     */   protected boolean onAccessDenied(ServletRequest request, ServletResponse response)
/*     */     throws Exception
/*     */   {
/* 150 */     HttpServletRequest httpRequest = (HttpServletRequest)request;
/* 151 */     String SAMLRequest = httpRequest.getParameter("SAMLRequest");
/*     */     String logoutMessage;
/*     */     String logoutMessage;
/* 152 */     if (StringUtils.isAllLowerCase(SAMLRequest))
/* 153 */       logoutMessage = uncompressLogoutMessage(CommonUtils.safeGetParameter(httpRequest, "SAMLRequest"));
/*     */     else {
/* 155 */       logoutMessage = CommonUtils.safeGetParameter(httpRequest, "logoutRequest");
/*     */     }
/* 157 */     if (StringUtils.isNotEmpty(logoutMessage)) {
/* 158 */       String token = XmlUtils.getTextForElement(logoutMessage, "SessionIndex");
/* 159 */       Serializable sessionId = (Serializable)this.cacheManager.getCache("logout").get(token);
/* 160 */       if (sessionId != null) {
/* 161 */         SimpleSession ss = new SimpleSession();
/* 162 */         ss.setId(sessionId);
/* 163 */         this.redisSessionDAO.delete(ss);
/* 164 */         if (logger.isInfoEnabled())
/* 165 */           logger.info("remove session Attribute：{}", DelegatingSubject.class.getName() + ".RUN_AS_PRINCIPALS_SESSION_KEY");
/*     */       }
/*     */     }
/* 168 */     return executeLogin(request, response);
/*     */   }
/*     */ 
/*     */   public void delSession(String token) {
/* 172 */     Serializable sessionId = (Serializable)this.cacheManager.getCache("logout").get(token);
/* 173 */     if (sessionId != null) {
/* 174 */       SimpleSession ss = new SimpleSession();
/* 175 */       ss.setId(sessionId);
/* 176 */       this.redisSessionDAO.delete(ss);
/* 177 */       if (logger.isInfoEnabled())
/* 178 */         logger.info("remove session Attribute：{}", DelegatingSubject.class.getName() + ".RUN_AS_PRINCIPALS_SESSION_KEY");
/*     */     }
/*     */   }
/*     */ 
/*     */   protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue)
/*     */   {
/* 197 */     return false;
/*     */   }
/*     */ 
/*     */   protected boolean onLoginSuccess(AuthenticationToken token, Subject subject, ServletRequest request, ServletResponse response)
/*     */     throws Exception
/*     */   {
/* 219 */     String ticket = (String)token.getCredentials();
/* 220 */     if (logger.isInfoEnabled())
/* 221 */       logger.info("storage session ticket：{}", ticket);
/* 222 */     this.cacheManager.getCache("logout").put(ticket, 
/* 223 */       subject.getSession().getId());
/* 224 */     this.cacheManager.getCache("SERSSIONID").put(subject.getSession().getId(), ticket);
/* 225 */     issueSuccessRedirect(request, response);
/* 226 */     return false;
/*     */   }
/*     */ 
/*     */   protected boolean onLoginFailure(AuthenticationToken token, AuthenticationException ae, ServletRequest request, ServletResponse response)
/*     */   {
/* 248 */     Subject subject = getSubject(request, response);
/* 249 */     if ((subject.isAuthenticated()) || (subject.isRemembered()))
/*     */       try {
/* 251 */         issueSuccessRedirect(request, response);
/*     */       } catch (Exception e) {
/* 253 */         logger.error("Cannot redirect to the default success url", e);
/*     */       }
/*     */     else {
/*     */       try {
/* 257 */         WebUtils.issueRedirect(request, response, this.failureUrl);
/*     */       } catch (IOException e) {
/* 259 */         logger.error("Cannot redirect to failure url : {}", this.failureUrl, 
/* 260 */           e);
/*     */       }
/*     */     }
/* 263 */     return false;
/*     */   }
/*     */ 
/*     */   public void setFailureUrl(String failureUrl) {
/* 267 */     this.failureUrl = failureUrl;
/*     */   }
/*     */ 
/*     */   public void setCacheManager(CacheManager cacheManager) {
/* 271 */     this.cacheManager = cacheManager;
/*     */   }
/*     */   public void setRedisSessionDAO(RedisSessionDAO redisSessionDAO) {
/* 274 */     this.redisSessionDAO = redisSessionDAO;
/*     */   }
/*     */ }

/* Location:           C:\java代码反编译器\core-1.1.4.jar
 * Qualified Name:     com.eloancn.framework.cas.CasFilter
 * JD-Core Version:    0.6.0
 */